| Titel | Yii Software LLC Yii 2.0 <=2.0.39 Deserialization |
|---|
| Beschreibung | Yii version <=2.0.39 has a deserialization vulnerability. If the framework is referenced and there is a deserialization entry point, an attacker can achieve arbitrary command execution through deserialization. |
|---|
| Quelle | ⚠️ https://github.com/gaorenyusi/gaorenyusi/blob/main/Yii2-2.md |
|---|
| Benutzer | gaorenyusi (UID 74236) |
|---|
| Einreichung | 17.03.2025 14:37 (vor 1 Jahr) |
|---|
| Moderieren | 23.03.2025 10:36 (6 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 300711 [yiisoft Yii2 bis 2.0.39 MockClass.php generate erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|